A critical vulnerability in Zyxel’s FLEX-H Series devices that enables attackers to execute arbitrary database queries and gain remote code execution capabilities without requiring authentication. The flaw, discovered by a researcher “rainpwn” and officially disclosed on April 22, 2025, exposes these enterprise-grade security appliances to potentially devastating attacks. The vulnerability stems from an architectural misconfiguration […]
The post Zyxel RCE Vulnerability Allows Arbitrary Query Execution Without any Authentication appeared first on Cyber Security News.
This article has been indexed from Cyber Security News